mpp-setup
Warn
Audited by Snyk on Jun 29, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.95). The skill’s REQUIRED workflow includes “Fetch live docs” from public URLs (npmjs.com, docs.stripe.com, mpp.dev, and GitHub search results), and the LLM would ingest the fetched page text as free-form content into its context—an outsider-authored source.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly designed to enable payments: it references Stripe machine payments (including STRIPE_SECRET_KEY), Tempo crypto payments (TEMPO_RECIPIENT_ADDRESS, TEMPO_CHAIN_ID, TEMPO_USDC_CONTRACT), and use of an mppx SDK with explicit charge APIs/middleware (e.g., tempo.charge, mppx.charge). It scaffolds payment-protected endpoints and instructs installing/payment configuration and secret keys—i.e., tools and APIs whose primary purpose is to send/receive money. This constitutes direct financial execution authority.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W009
MEDIUMDirect money access capability detected (payment gateways, crypto, banking).
Audit Metadata